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Abstract 

In order to verify programs or hybrid systems, one often needs to prove 
tliat certain formulas are unsatisfiable. In this paper, we consider con- 
junctions of polynomial inequalities over the reals. Classical algorithms 
for deciding these not only have high complexity, but also provide no 
simple proof of unsatisfiability. Recently, a reduction of this problem to 
semidefinite programming and numerical resolution has been proposed. 
In this article, we show how this reduction generally produces degenerate 
problems on which numerical methods stumble. 

1 Introduction 



In or der to verify properties of co mputer programs, hy brid systems [Morari and Thiele 



20Q5f , or even biological systems Ghosh et al.l . l2003l | , one often needs to prove 



that a formula is unsatisfiable. For instance, we may wish to prove that a set of 
states / is a program invariant: this means that there is no pair of states (s, s') 
such that s —^r s' , s € I and s' ^ /, where r is the transition relation. A proof 
of unsatisfiability leads to a proof of program safety. A satisfiability witness (a 
pair of states s, s') may be provided to the user as a counterexample to the / 
"invariant candidate" ; it may also be used for autom ated counterexample-based 
refinement ^Ball and Ra jam ani. 2002, Em erson and Sistla, 2000] . 

In general, formulas arising from program verification contain both conjunc- 
tions and disjunctions. One can reduce satisfiability of such formulas to the 
satisfiability of conjunctions by applying distributivity, but this usually leads 
to blowup. A better approach is satisfiability modulo theory: the problem is 
reduced to boolean satisfiability testing (SAT), a NP-completc problem for 
which there exist practically efficient procedures, with the a ddition of theory 



lemm as stating that certain conjunctions are not satisfiable [Ganzinger et al 



2004| . This approach relies on the availability of a (fast) decision procedure 
for conjunctions, which, ideally, given a contradictory conjunction, outputs a 
contradictory subset. 

In this article, we consider the following problem: given a conjunction of 
polynomial equalities, and (wide and strict) polynomial inequalities, with integer 
or rational coefficients, decide whether this conjunction is satisfiable ; that is, 
whether one can assign real values to the variables so that the conjunction holds. 
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The decision problem for real polynomial inequalities can be reduced to 
quantifier elimination: given a formula F, whose atomic formulas are polyno- 
mial (in)equalities, containing quantifiers, provide another, equivalent, formula 
F' , whose atomic formulas are still polynomial (in)equalities, containing no 
quantifier. Quantifier elimination over a formula where all variables are ex- 
istentially quantified yields an equivalent ground formula (a formula with no 
variable), whose truth can be decided by mere syntactic evaluation. An algo- 
rithm for quantifier elimination over the the ory of real cl osed fields (roughly 
speaking, (M, 0, , <) was first proposed by iTarski 1951 1, but this algorithm 
had non-elementary complexity and thus was impractical. Later, the cylin drical 
algebraic decomposition (CAD) algorithm was proposed by Collins 1975"!, with 
a doubly exponential complexity, but despite improvements ^Collins . .1998 ] CAD 
is still slow in practice and there are few implementations available. 

While quantifier elimination provides a procedure for deciding the satisfiabil- 
ity of quan t ifier-f ree constraint systems, it is not the only method for doing so. 
iBasu et aD 1996L Theorem 3] proposed a satisfiability testing algorithm with 
complexity s''~^^ d'-'^''\ where s is the number of distinct polynomials appearing 
in the formula, d is their maximal degree, and k i s the number of variables. 
We know of no implementation of that algorithm. Tiwaril 2005j proposed an 
algorithm based on rewriting systems that is supposed to answer in reasonable 
time when a conjunction of polynomial inequalities has no solution. 

Many of the algebraic algorithms are complex, which leads to complex im- 
plementatyions. This poses a methodology problem for program verification: 
can one trust them? Can one rely on a complex verification system in order to 
prove that a complex program contains no bugs? We could either prove correct 
the implementation of the algorithm using a proof assistant, or we could arrange 
for the decision procedure to provide a witness of its result. The answer of the 
procedure is correct if the witness is correct, and correctness of the witness can 
be checked by a simple procedure. We know how to provide unsatisfiability 
witnesses for systems of complex equalities or linear rational inequalities. It is 
therefore tempting to seek unsatisfiability witnesses for systems of polynomial 
ine qualities. 

HarrisonI [2007| . IParrilol [200d | have suggested looki ng for proof w itnesses 



whose existence is guaranteed by the Positivstellensatz Stengle . 1973| . These 
witnesses involve sums of squares of polynomials, which are obtained as solutions 
of a semidefinite programming (SDP) problem, solved by numerical methods. 

In this article, we show how the reduction of the problem of finding Pos- 
itivstellensatz witnesses to semidefinite programming leads, in general, to de- 
generate cases that cannot be solved numerically. It is possible to recast the 
problem in lower dimension so as to remove degeneracy, but doing so involves 
computing the Zariski closure of the solution set, by algebraic methods. Since 
this is as complex as finding a solution point to the SDP problem by algebraic 
method, we gain nothing by using numerical solver. 

We therefore conclude that, though promising it may have seemed, finding 
Positivstellensatz witnesses through semidefinite programming numerical tech- 
niques is impractical. 
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2 Unsatisfiability Witnesses 



For some interesting theories, it is trivial to check that a given valuation of 
the variables satisfies the formula (e.g., for linear inequalities over the rationals, 
it suffices to replace the variables by their value and evaluate the form). A 
satisfiability decision procedure will in this case tend to seek a satisfiability 
witness and provide it to the user when giving a positive answer 

In contrast, if the answer is that the problem is not satisfiable, the user has 
to trust the output of the satisfiability testing algorithm, the informal meaning 
of which is "I looked carefully everywhere and did not find a solution." . In 
some cases, it is possible to provide unsatisfiability witnesses: solutions to some 
form of dual problem that show that the original problem had no solution. In 
order to introduce the Positivstellensatz approach, we first briefiy explain two 
simpler, but similar, problems with unsatisfiability witnesses. 



2.1 Linear Inequalities 

Let C be a conjunction of (strict or wide) linear inequalities. A satisfiability 
witness is just a valuation such that the inequalities hold, and can be obtained 
by linear programming for instance. 

Can we also have unsatisfiability witnesses? For the sake of simplicity, 
let us consider the case where all the inequalities are wide and take C to be 
Li(xi, . . . ,Xm) > A • • • A Ln{xi, . . . ,Xm) > whcre the Li are affine lin- 
ear forms. Obviously, if ai, . . . , q;„ are nonnegative coefficients, then if C holds, 
then ^ aiLi{xi, . . . , Xm) > also holds. Thus, if one can exhibit ai, . . . , a„ > 
such that ^UiLi = — 1 — otherwise said, a nonnegative linear combination of 
the inequalities is a trivial contradiction — , then C does not hold. The vector 
(ai, . . . , q;„) is thus an unsatisfiability witness. 

This refutation method is evidently sounds that is, if such a vector can be 
exhibited, then the original problem had no solution. It is also complete: one 
can always obta in such a vecto r if the original problem C is unsatisfiable, from 
Farkas' lemma Dantzis . 19981 §6.4, theorem 6]. A constructive proof of the 



same fact can be obtain ed by considering the result of the Fourier-Motzkin 



algorithm [Dantzigj . ll998l . §4.4] applied to all variables: it outputs a conjunction 
of variable-free formulas, equivalent to C and obtained by nonnegative linear 
combinations of the Li. C is unsatisfiable if and only if at least one of these 
variable-free positive linear combinations is absurd, and this one provides a 
witness. 

Interestingly, the witness is obtained as a solution of a dual problem of the 
same nature as the original problem. That is, the unsatisfiability witness is 
itself the solution of a system of linear equalities and inequalities... which can 
be solved by linear programming. 



2.2 Complex Polynomial Equalities 

Let C be a conjunction of polynomial equalities Pi(xi, . . . ,Xm) = A • • • A 
P„(a;i, . . . , Xm) = whose coefficients lie in a subfield K (say, the rational 
numbers Q) of an algebraically closed field K' (say, the complex numbers C). 
C is said to be satisfiable if one can find a valuation in K' of the variables in C 
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such that the cquahties hold. Such a valuation thereby constitutes a satisfiability 
witness. 

Let us first remark that it is insufficient to look for the coefficients of the 
satisfiability witness inside K: for instance, X'^ = 2 has no rational solutions, 
but has real solutions X = ±y/2. Worse, it is a fact of Galois theory that the so- 
lutions of polynomials of degree higher than four cannot be in general expressed 
using arithmetic operators and n-th degree roots. Satisfiability witnesses may 
thus have to be expressed using general algebraic roots, and checking them is 
somewhat complex algorithmically. 

In contrast, one can get unsatisfiability witnesses that are checkable using 
simple methods, only involving adding and multiplying polynomials over K. 
Obviously, if one can find Qi, . . . , Qn & K[xi, . . . , Xm] such that J2i PiQi = Ij 
then C has no solution. Again, this method of finding a trivial contradiction 
is both sound and complete for refutation. The completeness proof relies on a 
theorem known as Nullstellensatz: 

Theorem 1 (Hilbert). Let K' be an algebraically closed field, let I be an ideal 
in K'[xi, . . . , Xn]. Let P be a polynomial in K'[xi, . . . , Xn]- P vanishes over the 
common zeroes of the ideals in L if and only if some nonnegative power of P 
lies in L . 

Apply that theorem to P = 1 and / the ideal generated by Pi, ... , Pm- P = 1 
vanishes over the common zeroes of / if and only if they have no common zeroes, 
and, by the theorem, if and only if 1 lies in /, that is, there exists Qi, . . . , Qm G 
K'[xi, . . . , Xn] such that J^i QiPi — ^- i^' is a vector space over K , thus K has 
a supplemental space S ui K' . By projecting the coefficients of the Qi onto K, 
one obtains polynomials Qi £ K[xi, . . . , Xn] such that QiPi = 1. Those Qi 
constitute a unsatisfiability witness for C . 

For the sake of brevity, the remain der of the e x plana tions will be somewhat 



sketchy; the reader can refer to e.g. ICox et al.l [2007l | if needed. By Buch- 



berger's algorithm, or some other algorithm, one can compute a Grobner basis 
P{, . . . , from the Pi, ... , Pm- The ideals generated from both sets are iden- 
tical, but the Grobner basis has the property that a polynomial lies in the 
generated ideal if and only if the remainder of its division by the Grobner basis, 
through the multivariate division algorithm, is null if and only if that polynomial 
belongs to the ideal. We therefore have a method for testing whether an un- 
satisfiability witness exists. Furthermore, if it exists, the division algorithm will 
provide Q[, . . . , Q[^, such that J2j PjQ'j = 0- ™^ kept track of how the 
Pj can be expressed in terms of the Pj, then one can compute the Qi, . . . , Qm 
witness. 

Note that this algorithm is sound hut incomplete when K' is not algebraically 
closed (e.g. the real field R). For instance, the polynomial x'^ + 1 has no 
real solution, yet the polynomial 1 is not a member of the ideal generated by 
it. Thus, Grobner basis computations can provide unsatisfiability witnesses for 
some systems of polynomial equalities over the reals, but not for all. The real 
case is much more complex than the complex case. 
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3 Polynomial Inequalities 



For the sake of simplicity, we shall restrict ourselves to wide inequalities (the 
extension to mixed wide/strict inequalities is possible). Let us first remark that 
the problem of testing whether a set of wide inequalities with coefficients in a 
subfield K of the real numbers is satisfiable over the real numbers is equiva- 
lent to the problem of testing whether a set of equalities with coefficients K 
is satisfiable over the real numbers. The proof is simple: for each inequality 
Pi{xi, . . . ,Xm) > 0, replace it by Pi{xi, . . . ,Xm) — fJ-i =0, where the are 
new variables. One therefore does not gain theoretical simplicity by restricting 
oneself to inequalities. 

3.1 Real Nullstellensatz and Positivstellensatz 



I1973l | proved two theorems regarding the solution sets of systems of 



polynomial equalities and inequalities over the reals (or, more generally, over 
real closed fields) : a Nullstellensatz and a Positivstellensatz. Without going into 
overly complex notations, let us state consequences of these theorems. Let K 
be an ordered field (such as Q) and K' be a real closed field containing K (such 
as the real field M). The corollary of interest to us is: 

Theorem 2. Let Zi, . . . , Zn^, Pi, ■ ■ ■ , Pup be two (possibly empty) sets of poly- 
nomials in K[xi, . . . , Xm] ■ Then Zi{xi, . . . , Xm) = A • • • A {xi, . . . , Xm) = 
A Pi {xi , . . . , Xm) > A • • • A Pjip {xi , . . . , Xm) > has no solution if and only if 
there exist some polynomials A and B such that A + B = 1, A I{Zi, . . . , Z„. ) 
and B G S{Pi, . . . , Pn^), where /(Zi, . . . , Z„^) is the ideal generated by the 
Zi, . . . , Zn^ and S{Pi, . . . , Pn^) is the semiring generated by the positive ele- 
ments of K and P^, . . . , P,j^ . 

Note that this result resembles the one used for linear inequalities (Sec- 
tion [^TT]), replacing nonnegative numbers by sums of squares of polynomials. 

For a simple example, consider the following system, which obviously has no 
solution: 



A Positivstellensatz witness is y^(—2 + y^) + 1(1 — j/^) + 2j/^ = —1. Another is 



3.2 Sum-of-Squares Decomposition for the Wide Inequal- 
ity Case 

Consider the conjunction C: Pi > A • • • A P„ > where Pi S Q[X, Y,Z,...]. 
Consider the set S of products of the form n«,g{o i}{i. ■ ^i"' — ^^^^ ^he 
set of all products of the Pi where each Pi appears at most once. Obviously, if 
one can exhibit nonnegative functions Qr such that X^fles Qr^ — ~1j then C 
does not have solutions. Theorem [5] guarantees that if C has no solutions, then 
such functions Qr exist as sum of squares of polynomials. Lemma |4] ensures 
that each Qr can be expressed as MrQuM]^ where Qfi is a symmetric positive 
semidefinite matrix (noted Qr >z 0) and Mr is a vector of monomials. 




(1) 




5 



Assume that we know the M^^ but we do not know the matrices Qr. The 
equahty ^^^gMnQn^MnYR = —1 directly translates into a system of afRne 
linear equalities over the coefficients of the Qr: '^j^^g MRQR{MiiY R + 1 is 
the zero polynomial, so its coefficients, which are linear combinations of the 
coefficients of the Qr matrices, should be zero. 

The additional requirement is that the Qr are positive semidefinite. One 
can equivalently express the problem by grouping the {Qr)r£S matrices into 
a block diagonal matrix Q and express X]_rgS Qr^ ^ system of affine linear 
equalities over the coefficients of Q. By Gaussian elimination in exact precision, 
we can obtain a system of generators: Q € — Fq + vect(Fi, . . . , Fm)- The only 
issue is then to find a positive semidefinite matrix in this space; that is, find 
ai, . . . , Urn such that —Fq + o^Fi ^ 0. 

This is the problem of semidefinite programming: finding a positive semidef- 
inite matrix within an a ffine linear variety of symmetr i c matrices, op tionally op- 
timizing a linear form. Powers and Wormann 1998| . Parrilo |2000l . chapter 4] 
and others have advocated such kin d of decomposit ion for finding whether a 
given polynomial is a sum of squares. iHarrisonl 2007j | generalized the approach 
to finding unsatisfiability witnesses. 

For instance, the second unsatisfiability witness we gave for constraint sys- 
tem [T] is defined, using monomials 1 and {1,7/}, by: 



! 








i 









0/ 



It looks like finding an unsatisfiability witness for C just amounts to a 
semidefinite programming problem. There are, however, three problems to solve: 

• IS*! 2" can be huge. 

• We do not know the degree of the Qr in advance, so we cannot choose 
finite sets of monomials Mr. The dimension of the space for Qr grows 
quadratically in |A//j|. 

• Semidefinite programming algorithms are implemented in fioating-point. 
They might therefore provide matrices Q that are not truly positive semidef- 
inite. 

Conjunction C has no solution if and only if there exists a set of monomials 
and associated positive semidefinite matrices verifying some linear relations. 
Positive semidefiniteness is a semialgebraic property of the matrix coefficients, 
defined by the nonnegativeness of some polynomials in the matrix coefficients 
(Lemma[5]). Thus, C has no solution if and only there is a set of monomials such 
that some set of wide polynomial inequalities has a solution. We have therefore 
exhibited a form of duality similar to the one described for the linear case in 
section 

Let us first consider the first two problems. iLombardi |l990bl lat provides 
a bound to the degrees of the polynomials necessary for the unsatisfiability 
certificates, but this bound is nonclcmcntary (asymptotically greater than any 
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tower of exponentials), so it is not of a practical value. This bound, however, is 
only needed for the completeness of the refutation method: we are guaranteed 
to find the certificate if we look in a large enough space. It is not needed for 
soundness: if we find a correct certificate by looking in a portion of the huge 
search space, then that certificate is correct regardless. This means that we do 
not need to consider the whole of S, and we can limit the choice of monomials 
in Mfi to small degrees without losing soundness. 

The third problem is more arduous. Here, problems occur when the Q 
matrix provided by the semidefinite programming procedure has eigenvalues 
that are null or at least very close to zero. Due to rounding errors, some of these 
eigenvalues may be slightly negative; exact computations on such a matrix will 
find it not to be positive semidefinite. We shall show in the next section that 
this problem is essential and cannot be resolved by augmenting precision: in 
many cases, the semidefinite programming problem is degenerate and solving 
it involves hitting a hyperplane or some subspace thereof. Since these objects 
have infinite thinness, this is impossible numerically except in some lucky cases. 

4 Degeneracy 

In this section, we shall characterize degeneracy in the semidefinite program- 
ming problem. In a nutshell, direct numerical resolution is possible only if the 
solution set has a nonempty interior: if one finds a solution, then there is a ball 
of solutions around it, so small roundoff errors may not matter. In contrast, if 
the solution set has empty interior, then it is included within a hyperplane or 
some smaller subspace. Except in some rare cases, it is impossible to hit exactly 
on that plane (for instance, with binary floating point, it is impossible to hit 
on a; = 2/3). This makes the results from numerical computations unsuitable 
for being Positivstellensatz witnesses, even if they are close to an exact solu- 
tion. Furthermore, most numerical methods are interior point methods and fail 
altogether to provide a numerical solution when the problem is too degenerate. 

4.1 Solution Set of the Semidefinite Programming Prob- 



Let Fq, Fi, . . . , Fm be symmetric n x n matrices over a subfield K of R. The 
semidefinite programming problem is: find Ai, . . . , Am such that 



We may characterize the solution set for (ai, . . . , am) in two ways: 

• For all V, v^Fv > 0, thus — ^^^ov, defining a closed half- 
space. The solution set, being an intersection of closed half-spaces, is 
therefore convex and closed. 

• The set of positive semidefinite matrices is defined by the sign of the 
coefficients of the characteristic polynomial (see Lemma [S]) , which are 
polynomials in a^. Thus, the solution set is semialgebraic. 



lem 




(2) 
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The solution set may have nonempty or empty interior. Its interior corre- 
sponds to positive definite solutions, while its boundary corresponds to degen- 
erate positive matrices. 

M ost semidefinite programming methods are interior point methods Vandenberghe and Boydl . 
These methods consider both a primal and a dual problem and as- 
sume that both are strictly feasible; the primal being strictly feasible corre- 
sponds to a nonempty interior. The problem of finding ai, . . . , a™ such that 
"-^0 + ctj^i > is equivalent to the problem of minimizing /i > such that 

Assume the ^^o + X^i oii >- Q strict problem has solutions. The problem then 
has nonempty interior, and, aside from numerical precision issues, numerical 
methods should find a solution. The solution set for the strict problem is open; 
if there is a real solution, then within a small ball around it all rational points 
are also solutions. Assuming enough precision, the problem is then solved. 

In general, though, the solution set may have empty interior. Equivalently, 
the least enclosing linear affine variety (the Zariski closure of the solution set) 
may not have full dimension. As an example, consider: 



130555 




150364 



188"S353 



13 
110 

49 



187^ 



19213 
_ 4l|26 

143 



157; 




^:3 = 



89 
95 



153^ 
161 



161 273; 
86 143N 
97 164 



143 164 277; 



(3) 



The solution set is a segment (of positive length) of the line defined by 
a2 — —3/11 and 91(ai -t- az) — 1811. If we recast the problem on this fine, the 
solution set has nonempty interior. Unfortunately, we know of no easy way to 
obtain the equations of this enclosing linear variety in the general case. We can 
however provide some partial solutions to this problem. 

The solution set S has empty interior while being non empty if and only 
if the linear affine variety — i^o + vect(Fi, . . . , F,„) is tangent to the det F = 
variety. This means that the differential of (j) ■ (cn, ■ • ■ , ctm) ^ det(fo+X]i ^i-^O 
is null at the solution point, that is, we are at a singular point of the variety 
defined by this polynomial. 

In the case of example [3l (p — and d(j>/dai — yield four equations. By 
Grobner basis techniques followed by polynomial factorization we can obtain 
(3 -I- 11/2)2 ^ Q g^^^ Q^^^ ^ igii^ 

Yet, in the general case, things are not so simple. Consider the following 
example^ 



/O 1 0\ 

10 

1 

\o 1 oy 



F, 



/I \ 
0-100 

10 

\0 -1/ 



(4) 



a? 



detF = {al 



Grobner basis and factorization techniques will yield 



0. Even if we replaced Fi and F2 by another basis, we would still 



^Courtesy of Kevin Buzzard. 
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obtain a second degree homogeneous polynomial, which can be transformed into 
a sum of squares (Lemma [S]). Now consider: 

/ 9 -5 \ 

-5-7 

7 -5 

V 0-5 -7/ 



^^0 = 



(5) 



F 



-aiFi 



5, a2 = —7), where 



F 






0/ 



(6) 



-a2-F2 has a unique solution (ai 

/2 



Vo 

This may be found algebraically, by constraining the signs of the coefficients 
of the characteristic polynomial of F. Yet, in this very degenerate case where 
the solution is a singl e point within a plane , with a cor responding rank-1 ma - 
trix, neither DSDP5 [Benson ancT^ . |2005| nor SDPA [Puiisawa et"all |2004| . 
two semidefinite programming packages, can compute an approximation to the 
solution. 



4.2 Degenerate Positivstellensatz Problem 

To make constraint system [T] more interesting, we replace y by 3a + 5+ 1, which 
yields 



< Pi =9a^ + 66a + 6a + 6^ + 26 - 1 

< Po = - 81a^ - 10860^ - lOSa^ - bib^a^ 



1086a2 - 54a2 - I2b^a (7) 



- 366^0 - 366a - 12a - 6* - 46^ - 66^ - 46 > 

We look for a witness of the form Qi{l,a, 6)Pi + Q2(l)P2 + Q3(l, a, 6, a6)P3 = 
-1. We group Qi, Q2 and Q3 into a single block diagonal matrix: 



V 



... Qi ... 




> 




Q2 








... Q3 

> 



Q belongs to a linear affine variety defined as — Pq + vect(Pi, 



'Fo 



' —2 — — — — 
11 h, A 

A A A 
fi 2 fi 








ii 








-3 -10 

21 I n 

? ! ? n 
2 22" 

-10 



^2, P3). 
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/ 3 1 

3 9 3 
1 3 1 



9 


3 


9 


27 











3 











0^ 



F. = 



/ 






\ 













-1 
10 
10 
-10 J 



F. 



\ 



All (ai, a2, as) solutions [Q }z 0) verify — 9ai +a2 = —10 (this was obtained 
through algebraic methods). As explained in section lTTl this plane is the Zariski 
closure of the solution set. An example of a solution is ai — 2,a2 = 8, as = 
79. Unfortunately, neither SDPA nor DSDP can compute such a result. Both 
terminate "due to small steps" . 

We have therefore exhibited a simple system with two parameters where, 
due to the emptiness of the solution set, numerical interior point methods fail, 
while algebraic methods can compute a solution point. 

Assuming we have a method for obtaining the Zariski closure (— 9ai + Q!2 = 
— 10), then we can use it to reduce the system. By rewriting a2 = — 10 + 9ai, 
we obtain a system Fq, F[, F2, with a solution set with nonempty interior, and 
numerical solving works. 

Algorithms for computing the Zariski closure of a semialgebraic set should be 
at least as complex as those for finding a single solution point, if only because, in 
the case of a solution set consisting of a single point, the Zariski closure is equal 
to that point. Yet, the Zariski closure is only useful so as to help numerical 
methods find solution points, so computing this closure by computing solution 
points or equally complex computations defeats the purpose. 

With more complex examples (more polynomials, larger monomial bases), 
the number of ai coefficients grows dramatically (in the hundreds). Computing 
the determinant of a symbolic matrix Qi may become untractable. Algebraic 
methods for computing solution points are then infeasible, since they rely on 
the sign of the determinant. 
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Assuming the numerical method does not fail and produces a good approx- 
imation ai, . . . ,am to a rational solution, one can use several methods to help 
compute the rational solution. The most obvious one is to find rational approxi- 
mations to the floating-point by e.g. continued fractions; yet this fails to obtain 
a solution in most cases. If the Zariski closure has dimension z < m, assuming 
this closure is not parallel to the ai = K plane and the approximation is good 
enough, then by choosing ai = di one "slices" the problem down to finding a 
point within a 2 — 1-dimensional solution set within am— 1-dimension space. 
If one does that with many variables, one obtains a 0-dimension solution set (a 
single point) within a z — m space. Then, the problem has empty interior, and 
cannot be solved numerically in general: only algebraic methods are feasible. 

5 Conclusion 

The approach of finding unsatisfiability witnesses for real polynomial inequalities 
through Positivstellensatz and reduction to semidefinite programming looked 
promising. Unfortunately, it suffers from several drawbacks: 

1. If one has n polynomial inequalities, then one has to consider at most 2" 
terms in the sum expressing the unsatisfiability witness. 

2. There is no reasonable known bound on the size of the monomial bases to 
consider. 

3. In general, one gets a degenerate semidefinite programming problem — 
that is, a problem whose solution set has no interior point. Numerical 
interior point methods in general fail to converge on such problems. Even 
if they do provide an approximate solution, this solution cannot be easily 
mapped to an exact rational solution. It is possible to get rid of this 
problem by going into lower dimensions, however this involves computing 
the Zariski closure of the solution set, which may be as difficult as finding 
a solution point. This defeats the purpose of using numerical methods, 
which was to avoid costly algebraic algorithms. 
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A Lemmas 

A.l Sums of Squares and Symmetric Matrices 

Lemma 3. Let v £ K". Then, v^v is a n x n symmetric positive semidefinite 
matrix. 

Proof, v'^v is obviously symmetric. Let A be a eigenvalue for it, and x a corre- 
sponding eigenvector: xv'^v — Xx. Thus, ||wx"^||2 — {vx'^)'^ {vx'^) = xv'^vx^ = 
Xxx^ — \\x\\2. Since x ^Q, \ must be nonnegative. □ 

Lemma 4. Let P G K[X, Y, . . .] be a sum of squares of polynomials P^ . Let 
M = {mi, . . . , be a set such that each Pi can be written as a linear combi- 

nation of elements of M (M can be for instance the set of monomials in the Pi). 
Then there exists a \M\ x symmetric positive semidefinite matrix Q with 
coefficients in K such that P{X, Y, . . .) — [mi, . . . , TO|m|]Q['71i, . . . , m\M\\^ j not- 
ing v'^ the transpose of v. 

Proof. Let us decompose Pi [X, Y, . . .) into a linear combination of monomials 
I]i<j<|M| Pij^^j- Let Vi be the vector [p^^i, . . . ,pi^„i]; then Pi{X,Y,...) = 
Vi[mi, . . . ,m\M\V ■ P'i{X,Y,...) is thus [rni, . . . ,m\M\\'^J Vi[mi, . . . ,m\M\V ■ 
Qi = vjvi, by lemma [3] is symmetric positive semidefinite. Q = TliQi thus 
fulfills the conditions. □ 

Let us remark that the converse is correct for matrices over M, by diagonal- 
ization: any symmetric positive semidefinite matrix is a sum of squares of linear 
forms. We may also obtain such a decomposition over Q: 

Lemma 5. Let Q be a nx n .symmetric matrix over a subfield I'C o/M. Then Q 
can be written as U^DU where U and D are also over K , D is diagonal and U is 
upper triangular. Otherwise said, (xi, . . . , Xn) ^ (xi, . . . , XnYQixi, . . . , Xn) can 
be written as X]i"=i dili{xi, . . . , XnY' where U is a linear form and only depends 
on xi, . . . ,Xi. Furthermore, D and U have the same signature; in particular if 
Q is positive semidefinite, then D only has nonnegative coefficients 
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Proof. By induction over n. The case n = 1 is obvious; consider n > 1. Let 

I = ^1, . . . , -j^ffj ■ Qi = Q — <li,il^l contains only zeroes on its first line 

and column. By the induction hypothesis, Qi = UlDiUi. Let D — {qi^i,Di) 
(concatenation along the diagonal) and U = {l,Ui) (concatenation of lines), 
then Q — U*DU. The result on signatures ensues from Sylvester's inertia 
theorem. □ 



A. 2 Semialgebraic Characterization of Positive Semidefi- 
nite Matrices 

Lemma 6. Let cri{Xi, . . . , Xn), where I < i < n, denote the i-th elementary 
symmetric polynomial in the variables Xi, . . . , X„. xi, . . . are all nonnega- 
tive if and only if cti(xi, . . . , x„), . . . , ct„(xi, . . . , x,i) are so 

Proof. One direction is evident: if xi, . . . , a;„ are nonnegative, then ai{xi, . . . , a;„), . . . , an{xi, . . . ,Xn) 
also are nonnegative, for these polynomials have nonnegative coefficients. 

Let us suppose that (Ti{xi, . . . , Xn), . . . , cr„(xi, . . . , a;„) are nonnegative, and 
that at least one of them is positive, the roots of the polynomial 

P(X) = X" + X;r=i(-l)'o-*(a;»,- - •:a;„)X"-\ For p < 0, P{p) > by the rule of 
signs, so this polynomial has no negative roots thus xi, . . . ,Xn are nonnegative. 

The last case is where ai{xi, . . . , Xn) — ■ ■ ■ — an{xi, . . . , Xn) — 0. Since 
(T„(a:i, . . . ,Xn) = xi . . . Xn — 0, this means at least one of the Xi is null. The 
problem reduces to the same with a lower n. □ 

Lemma 7. Letxi, . . . ,a;„ be nonnegative reals. Then, the sequence {ai{xi, . . . ,x„))o<i<n 
consists in k zeroes followed by n — k positive reals where k is the number of 
zeroes among xi , . . . , a;„ . 

Proof. Obvious. □ 

Lemma 8. Let M be a n x n real symmetric matrix. Let xm{X) = det(M — 
X.Id) — '^^i^QPiX" be its characteristic polynomial. Then M is positive semidef- 
inite if and only if for all < i < n, (— l)*pi > 0. Furthermore, the sequence 
{—lypi consists in dimkerM zeroes followed by n ~ k positive numbers. 

Proof. For all < i < n, pi = (— l)V„_i(Ai, . . . , A„) where the (Ai)i<i<„ are 
the eigenvalues of M (multiple eigenvalues are counted as several Xi). The result 
then ensues from lemmas E] and [7] □ 
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